<?php
include("../includes/global-settings.php");

mysql_connect($dbhost, $dbuser, $dbpass)or die("Could not connect: " . mysql_error());
mysql_select_db($dbname) or die(mysql_error());

session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from Form
$username = mysql_real_escape_string($_POST['username1']); 
$password = mysql_real_escape_string($_POST['password1']); 
$password = md5($password); // Encrypted Password
$sql      = "SELECT Username, Password FROM users WHERE username='$username' and password='$password'";
$result   = mysql_query($sql);
$count    = mysql_num_rows($result);

// If result matched $username and $password, table row must be 1 row
if($count == 1) {
	$_SESSION['username'] = $username;
	$_SESSION['password'] = $password;
header("location: ../home.php");
} else {
header("Location: ../index.php");
}
}
?>